Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
ePAY-Advice_Rf[UC7749879100].exe
|
PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
|
initial sample
|
 |
|
|
C:\Users\user\AppData\Local\Temp\Kontos.ini
|
ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Local\Temp\nsp7072.tmp\System.dll
|
PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\5D4ACB\B73EF6.lck
|
very short file (no magic)
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-3425316567-2969588382-3778222414-1001\1b1d0082738e9f9011266f86ab9723d2_11389406-0377-47ed-98c7-d564e683c6eb
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\AEGISIIIRadeonHelper.dll
|
PE32+ executable (DLL) (GUI) x86-64, for MS Windows
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Fatalismen.Int
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Provokations.Fje
|
data
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\avatar-default-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\be.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\changes-allow-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\dotnet.api
|
HTML document, ASCII text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\ebook-reader.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\emblem-photos-symbolic.svg
|
SVG Scalable Vector Graphics image
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\font-select-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\network-wired-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\pan-start-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\printer-symbolic.symbolic.png
|
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\Rekapitulerer\Inseminerede79\pt-br.txt
|
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
|
dropped
|
||
|
C:\Users\user\AppData\Roaming\fumigatorium\Tertser\Omstrukturdnr\omfartsvejene\Reberbanernes\Muhamedaneres\Sminknings\LogoCanary.png
|
PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced
|
dropped
|
There are 10 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Users\user\Desktop\ePAY-Advice_Rf[UC7749879100].exe
|
C:\Users\user\Desktop\ePAY-Advice_Rf[UC7749879100].exe
|
|
|
|
C:\Users\user\Desktop\ePAY-Advice_Rf[UC7749879100].exe
|
C:\Users\user\Desktop\ePAY-Advice_Rf[UC7749879100].exe
|
|
|
|
C:\Windows\SysWOW64\WerFault.exe
|
C:\Windows\SysWOW64\WerFault.exe -u -p 4428 -s 2000
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://zed-unusual-activity-com.veldaeffertz.ml/CodkZc57.sear&
|
unknown
|
|
|
|
https://zed-unusual-activity-com.veldaeffertz.ml/z
|
unknown
|
|
|
|
http://171.22.30.147/flowe/five/fre.php
|
171.22.30.147
|
|
|
|
https://zed-unusual-activity-com.veldaeffertz.ml/
|
unknown
|
|
|
|
https://zed-unusual-activity-com.veldaeffertz.ml/CodkZc57.sea
|
188.114.96.3
|
|
|
|
https://zed-unusual-activity-com.veldaeffertz.ml/0
|
unknown
|
|
|
|
https://zed-unusual-activity-com.veldaeffertz.ml/P
|
unknown
|
|
|
|
https://zed-unusual-activity-com.veldaeffertz.ml/CodkZc57.sea-T
|
unknown
|
|
|
|
http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
|
unknown
|
||
|
http://nsis.sf.net/NSIS_Error
|
unknown
|
||
|
https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
|
unknown
|
||
|
http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
|
unknown
|
||
|
http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
|
unknown
|
||
|
http://nsis.sf.net/NSIS_ErrorError
|
unknown
|
||
|
http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
|
unknown
|
||
|
http://www.gopher.ftp://ftp.
|
unknown
|
There are 6 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
zed-unusual-activity-com.veldaeffertz.ml
|
188.114.96.3
|
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
171.22.30.147
|
unknown
|
Germany
|
|
|
|
188.114.96.3
|
zed-unusual-activity-com.veldaeffertz.ml
|
European Union
|
Registry
|
Path
|
Value
|
Malicious
|
|
|---|---|---|---|
|
HKEY_CURRENT_USER\SOFTWARE\Shabbyish\Retablerings
|
Aphetism
|
Memdumps
|
Base Address
|
Regiontype
|
Protect
|
Malicious
|
|
|---|---|---|---|---|
|
3DE8000
|
direct allocation
|
page execute and read and write
|
|
|
|
400000
|
unkown
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
1F2BCF40000
|
heap
|
page read and write
|
||
|
3510F000
|
stack
|
page read and write
|
||
|
1F2BD113000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5060000
|
remote allocation
|
page read and write
|
||
|
5E0000
|
heap
|
page read and write
|
||
|
28D1000
|
heap
|
page read and write
|
||
|
5351000
|
heap
|
page read and write
|
||
|
1F2BD100000
|
heap
|
page read and write
|
||
|
429000
|
unkown
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
349E0000
|
direct allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
3240000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
4C0000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
1F2BCC10000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
28D6000
|
heap
|
page read and write
|
||
|
3F18000
|
remote allocation
|
page execute and read and write
|
||
|
2B18000
|
remote allocation
|
page execute and read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
34D7D000
|
stack
|
page read and write
|
||
|
1F2BD100000
|
heap
|
page read and write
|
||
|
1F2BCD80000
|
trusted library allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5EA000
|
unkown
|
page execute read
|
||
|
51A0000
|
heap
|
page read and write
|
||
|
350CE000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5258000
|
heap
|
page read and write
|
||
|
28DE000
|
heap
|
page read and write
|
||
|
520D000
|
heap
|
page read and write
|
||
|
5E8000
|
unkown
|
page execute read
|
||
|
30000
|
heap
|
page read and write
|
||
|
529B000
|
heap
|
page read and write
|
||
|
34CBE000
|
stack
|
page read and write
|
||
|
525F000
|
heap
|
page read and write
|
||
|
433000
|
unkown
|
page read and write
|
||
|
79000
|
heap
|
page read and write
|
||
|
1F2BCE13000
|
unkown
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
28DC000
|
heap
|
page read and write
|
||
|
6DA25000
|
unkown
|
page readonly
|
||
|
522F000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
1F2BD002000
|
heap
|
page read and write
|
||
|
34CFF000
|
stack
|
page read and write
|
||
|
400000
|
unkown
|
page readonly
|
||
|
20000
|
unclassified section
|
page readonly
|
||
|
70000
|
trusted library allocation
|
page read and write
|
||
|
4C5000
|
heap
|
page read and write
|
||
|
1F2BD113000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5296000
|
heap
|
page read and write
|
||
|
51A8000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
34C7F000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
2330000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page read and write
|
||
|
27BF000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
2375000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5299000
|
heap
|
page read and write
|
||
|
34E50000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
52DF000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
28D7000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
1F2BCE2A000
|
heap
|
page read and write
|
||
|
5224000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page read and write
|
||
|
6A2000
|
heap
|
page read and write
|
||
|
5204000
|
heap
|
page read and write
|
||
|
60000
|
direct allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5136000
|
direct allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6DA20000
|
unkown
|
page readonly
|
||
|
5490000
|
direct allocation
|
page read and write
|
||
|
6C10000
|
trusted library allocation
|
page read and write
|
||
|
51E8000
|
direct allocation
|
page execute and read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5040000
|
heap
|
page read and write
|
||
|
509E000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
28D3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
1F2BCF15000
|
trusted library allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
34860000
|
heap
|
page read and write
|
||
|
5351000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
3524F000
|
stack
|
page read and write
|
||
|
65E8000
|
direct allocation
|
page execute and read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
1F2BCF00000
|
trusted library allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
71000
|
heap
|
page read and write
|
||
|
436000
|
unkown
|
page readonly
|
||
|
34880000
|
direct allocation
|
page read and write
|
||
|
70000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
2260000
|
heap
|
page read and write
|
||
|
225E000
|
stack
|
page read and write
|
||
|
3518000
|
remote allocation
|
page execute and read and write
|
||
|
1F2BCE10000
|
unkown
|
page read and write
|
||
|
5BE8000
|
direct allocation
|
page execute and read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5255000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
2214000
|
heap
|
page read and write
|
||
|
34F0E000
|
stack
|
page read and write
|
||
|
43F000
|
unkown
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5210000
|
heap
|
page read and write
|
||
|
28DE000
|
heap
|
page read and write
|
||
|
5060000
|
remote allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
513A000
|
direct allocation
|
page read and write
|
||
|
5EE000
|
unkown
|
page execute read
|
||
|
349A0000
|
direct allocation
|
page read and write
|
||
|
2370000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6C99000
|
trusted library allocation
|
page read and write
|
||
|
28D6000
|
heap
|
page read and write
|
||
|
28DC000
|
heap
|
page read and write
|
||
|
4918000
|
remote allocation
|
page execute and read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
34C3E000
|
stack
|
page read and write
|
||
|
5350000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
43A000
|
unkown
|
page readonly
|
||
|
28D3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
524F000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
20000
|
unclassified section
|
page readonly
|
||
|
1F2BD013000
|
heap
|
page read and write
|
||
|
3508D000
|
stack
|
page read and write
|
||
|
511E000
|
stack
|
page read and write
|
||
|
1660000
|
remote allocation
|
page execute and read and write
|
||
|
2118000
|
remote allocation
|
page execute and read and write
|
||
|
48E000
|
stack
|
page read and write
|
||
|
5B85879000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
170000
|
direct allocation
|
page read and write
|
||
|
5B850FD000
|
stack
|
page read and write
|
||
|
1F2BCC80000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
1F2BD102000
|
heap
|
page read and write
|
||
|
1718000
|
remote allocation
|
page execute and read and write
|
||
|
5045000
|
heap
|
page read and write
|
||
|
47E8000
|
direct allocation
|
page execute and read and write
|
||
|
2210000
|
heap
|
page read and write
|
||
|
19A000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5F0000
|
unkown
|
page execute read
|
||
|
699000
|
heap
|
page read and write
|
||
|
5EC000
|
unkown
|
page execute read
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
649000
|
unkown
|
page execute read
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
1F2BD000000
|
heap
|
page read and write
|
||
|
34D3E000
|
stack
|
page read and write
|
||
|
34E3F000
|
stack
|
page read and write
|
||
|
1F2BD102000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
96000
|
stack
|
page read and write
|
||
|
525F000
|
heap
|
page read and write
|
||
|
5224000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5217000
|
heap
|
page read and write
|
||
|
407000
|
unkown
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
34DFE000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
1F2BCE48000
|
heap
|
page read and write
|
||
|
3200000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5219000
|
heap
|
page read and write
|
||
|
1F2BCE02000
|
unkown
|
page read and write
|
||
|
28DA000
|
heap
|
page read and write
|
||
|
421000
|
unkown
|
page read and write
|
||
|
531C000
|
stack
|
page read and write
|
||
|
180000
|
direct allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6C60000
|
trusted library allocation
|
page read and write
|
||
|
50DF000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
30000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page read and write
|
||
|
43F000
|
unkown
|
page readonly
|
||
|
43F000
|
unkown
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
85F000
|
stack
|
page read and write
|
||
|
34F4D000
|
stack
|
page read and write
|
||
|
5130000
|
direct allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
54A0000
|
heap
|
page read and write
|
||
|
43A000
|
unkown
|
page readonly
|
||
|
5217000
|
heap
|
page read and write
|
||
|
6DA21000
|
unkown
|
page execute read
|
||
|
1D0000
|
unclassified section
|
page readonly
|
||
|
400000
|
unkown
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
43A000
|
unkown
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
3514E000
|
stack
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
668000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
409000
|
unkown
|
page write copy
|
||
|
5255000
|
heap
|
page read and write
|
||
|
5044000
|
heap
|
page read and write
|
||
|
424000
|
unkown
|
page read and write
|
||
|
524F000
|
heap
|
page read and write
|
||
|
3330000
|
trusted library allocation
|
page read and write
|
||
|
5B854FE000
|
stack
|
page read and write
|
||
|
6C99000
|
trusted library allocation
|
page read and write
|
||
|
5150000
|
heap
|
page read and write
|
||
|
626000
|
unkown
|
page execute read
|
||
|
33E8000
|
direct allocation
|
page execute and read and write
|
||
|
5F2000
|
unkown
|
page execute read
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
170000
|
direct allocation
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
6DA23000
|
unkown
|
page readonly
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
3330000
|
direct allocation
|
page execute and read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
5299000
|
heap
|
page read and write
|
||
|
1F2BCF02000
|
trusted library allocation
|
page read and write
|
||
|
660000
|
heap
|
page read and write
|
||
|
1F2BCE00000
|
unkown
|
page read and write
|
||
|
28D4000
|
heap
|
page read and write
|
||
|
401000
|
unkown
|
page execute read
|
||
|
522F000
|
heap
|
page read and write
|
||
|
6B3000
|
heap
|
page read and write
|
||
|
1F2BCE23000
|
unkown
|
page read and write
|
||
|
5060000
|
remote allocation
|
page read and write
|
There are 290 hidden memdumps, click here to show them.